MyCity » Ambulanta -> Arhiva Ambulante » Veliki problem, pomoc !

Veliki problem, pomoc !

Napisano na dan: 28.1.2009

Strana:
1
2
3
4

Veliki problem, pomoc !

Pagination

Prethodna strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3
4

Gaius Poslao: 29 Jan 2009 12:40 Idi na vrh
offline Gaius Građanin Pridružio: 28 Jan 2009 Poruke: 76	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! GMER 1.0.14.14536 - gmer.net Rootkit scan 2009-01-29 12:20:02 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.14 ---- INT 0x62 ? 86FD8BF8 INT 0x63 ? 86C51F00 INT 0x63 ? 86C51F00 INT 0x73 ? 86C51F00 INT 0x82 ? 86FD8BF8 INT 0xA4 ? 86C51F00 INT 0xB4 ? 86C51F00 Code 86C8F0E8 ZwEnumerateKey Code 86C8B308 ZwFlushInstructionCache Code AF231323 pIofCallDriver ---- Kernel code sections - GMER 1.0.14 ---- PAGE ntoskrnl.exe!ZwEnumerateKey 8056EF68 5 Bytes JMP 86C8F0EC PAGE ntoskrnl.exe!ZwFlushInstructionCache 80577A7A 5 Bytes JMP 86C8B30C ? sprl.sys The system cannot find the file specified. ! ? C:\WINDOWS\system32\drivers\ati0rwxx.sys Access is denied. ! .text USBPORT.SYS!DllUnload B74B480C 5 Bytes JMP 86C514E0 .text Beep.SYS BAE79300 67 Bytes [ 71, B1, 16, 98, 3A, 3F, 80, ... ] .text Beep.SYS BAE79344 61 Bytes [ 6A, 7C, 8D, B1, 17, 9A, 42, ... ] .text Beep.SYS BAE79382 99 Bytes [ 26, FE, 9A, 6D, CC, 2E, 07, ... ] .text Beep.SYS BAE793E6 206 Bytes [ D1, 2A, 6F, 88, 02, 86, 30, ... ] .text Beep.SYS BAE794B5 124 Bytes [ AF, 75, 30, DB, 68, B1, 13, ... ] ---- User code sections - GMER 1.0.14 ---- .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetConnectA 771C30C3 5 Bytes JMP 007C000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!HttpOpenRequestA 771C36AD 5 Bytes JMP 0087000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetCloseHandle 771C4D6C 5 Bytes JMP 007E000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!HttpSendRequestA 771C6249 5 Bytes JMP 0085000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetReadFile 771C80F4 5 Bytes JMP 0080000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetConnectW 771CEE00 5 Bytes JMP 007D000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!HttpOpenRequestW 771CF4C6 5 Bytes JMP 0088000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetQueryDataAvailable 771D8A0F 5 Bytes JMP 007F000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetSetStatusCallback 771D907C 5 Bytes JMP 0083000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetReadFileExW 771F7439 5 Bytes JMP 0082000D .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetReadFileExA 771F8140 5 Bytes JMP 0081000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetSetStatusCallbackW 771F8C93 5 Bytes JMP 0084000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!HttpSendRequestW 77211CEC 5 Bytes JMP 0086000A ? C:\Documents and Settings\Nikola\Application Data\svchost.exe[1896] image checksum mismatch; number of sections mismatch; time/date stamp mismatch; unknown module: WSOCK32.dllunknown module: VERSION.dllunknown module: WINMM.dllunknown module: COMCTL32.dllunknown module: MPR.dllunknown module: comdlg32.dllunknown module: OLEAUT32.dll ? C:\WINDOWS\System32\svchost.exe[2296] image checksum mismatch; number of sections mismatch; time/date stamp mismatch; unknown module: DNSAPI.dllunknown module: gdiplus.dll ? C:\WINDOWS\System32\svchost.exe[2304] image checksum mismatch; number of sections mismatch; time/date stamp mismatch; unknown module: gdiplus.dllunknown module: OLEAUT32.dll ? C:\WINDOWS\System32\svchost.exe[2328] image checksum mismatch; number of sections mismatch; time/date stamp mismatch; unknown module: gdiplus.dllunknown module: OLEAUT32.dll ? C:\WINDOWS\System32\svchost.exe[2336] image checksum mismatch; number of sections mismatch; time/date stamp mismatch; ? C:\WINDOWS\system32\svchost.exe[2564] image checksum mismatch; number of sections mismatch; time/date stamp mismatch; ? C:\WINDOWS\system32\svchost.exe[2748] image checksum mismatch; time/date stamp mismatch; unknown module: msvcrt.dllunknown module: gdiplus.dllunknown module: OLEAUT32.dll .text C:\WINDOWS\system32\taskmgr.exe[3712] USER32.dll!MessageBoxW 77D960F2 3 Bytes [ 31, C0, C3 ] ---- Kernel IAT/EAT - GMER 1.0.14 ---- IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 86FDB2D8 IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F75AB6D0] sprl.sys IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F75AF708] sprl.sys IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7586046] sprl.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F7586142] sprl.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F75860C4] sprl.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F75867CE] sprl.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F75866A4] sprl.sys IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 86C515E0 IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F7591D7A] sprl.sys IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!MmLockPagableDataSection] 82AF0B23 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!KeCancelTimer] 4849C7B4 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!MmUnlockPagableImageSection] 5A123A89 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!IoStartNextPacket] 4CDA4CB2 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!KeSetTimer] 0D67CB7F IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!_allmul] 23F4F980 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!IoStartPacket] D8776385 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!KeInitializeEvent] 15D6099E IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!KeInitializeTimer] 0F1C2C1B IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!KeInitializeDpc] 132B4C8C IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!IoCreateDevice] 7FB932C1 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!RtlInitUnicodeString] A2DA05CA IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!IoAcquireCancelSpinLock] 1F96C8F7 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!KeRemoveDeviceQueue] 6551CCD8 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!KeRemoveEntryDeviceQueue] 5700E43D IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!IoReleaseCancelSpinLock] 3AA46D36 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!IoDeleteDevice] 0F3E7E13 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!IofCompleteRequest] 15DAC664 IAT \SystemRoot\System32\Drivers\Beep.SYS[HAL.dll!ExReleaseFastMutex] 045C2B51 IAT \SystemRoot\System32\Drivers\Beep.SYS[HAL.dll!KfRaiseIrql] 86B3209A IAT \SystemRoot\System32\Drivers\Beep.SYS[HAL.dll!KfLowerIrql] DB278F07 IAT \SystemRoot\System32\Drivers\Beep.SYS[HAL.dll!HalMakeBeep] 65C5EB28 IAT \SystemRoot\System32\Drivers\Beep.SYS[HAL.dll!ExAcquireFastMutex] AB66BBCD ---- User IAT/EAT - GMER 1.0.14 ---- IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] [77DD6BF0] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorDacl] [77DD7883] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetEntriesInAclW] [77DD761B] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorGroup] [77DDEBE7] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorOwner] [77DFC534] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!InitializeSecurityDescriptor] [77DFD11B] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!GetTokenInformation] [77DD7753] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenProcessToken] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenThreadToken] [76F36C5B] C:\WINDOWS\System32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetServiceStatus] [76F35002] C:\WINDOWS\System32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegisterServiceCtrlHandlerW] [76F25B4D] C:\WINDOWS\System32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegCloseKey] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegOpenKeyExW] [77F2BFB3] C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!StartServiceCtrlDispatcherW] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!WideCharToMultiByte] [7C80A9CC] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrlenW] [7C80176B] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalFree] [7C814EEA] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcess] [7C8218D2] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThread] [7C810B8E] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [7C810D87] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [7C802367] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LCMapStringW] [7C830921] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!FreeLibrary] [7C809A72] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcpyW] [7C864140] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExpandEnvironmentStringsW] [7C910331] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpiW] [7C835027] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExitProcess] [7C812F1D] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCommandLineW] [7C8111DA] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InitializeCriticalSection] [7C80B905] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcessHeap] [7C80945C] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetErrorMode] [7C81CA62] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetUnhandledExceptionFilter] [7C80C058] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!RegisterWaitForSingleObject] [7C802442] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InterlockedCompareExchange] [7C81CA8B] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [7C82FB40] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!QueryPerformanceCounter] [7C809728] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetTickCount] [7C809B47] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThreadId] [7C810637] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcessId] [7C80E93F] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetSystemTimeAsFileTime] [7C80EA1B] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!TerminateProcess] [7C830CB4] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!UnhandledExceptionFilter] [7C809A09] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalAlloc] [7C809E01] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpW] [7C80BAA1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!DelayLoadFailureHook] [7C80929C] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtQuerySecurityObject] [7C9105D4] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlFreeHeap] [7C9179FD] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtOpenKey] [7C91043D] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscat] [7C809E79] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscpy] [7C802520] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlAllocateHeap] [7C8024A7] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCompareUnicodeString] [7C810B1C] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitUnicodeString] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitializeSid] [7CA40EB0] C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlLengthRequiredSid] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthoritySid] [77F6818C] C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtClose] [77F8C41E] C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthorityCountSid] [77F72240] C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetDaclSecurityDescriptor] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlQueryInformationAcl] [77D5ED74] C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetAce] [77D486C7] C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlImageNtHeader] [77D4A8AD] C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcslen] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlUnhandledExceptionFilter] [771C6249] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCopySid] [771C30C3] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIfEx] [771C780A] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtWaitServerListen] [771C4D6C] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtSetServerStackSize] [771C36AD] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIf] [771C80F4] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerListen] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUseProtseqEpW] [71AB428A] C:\WINDOWS\System32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerRegisterIf] [71AB615A] C:\WINDOWS\System32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!I_RpcMapWin32Status] [71AB3B91] C:\WINDOWS\System32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtStopServerListening] [71AB9639] C:\WINDOWS\System32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] [77DD6A78] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorDacl] [77DD6FC8] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetEntriesInAclW] [77DDD7CC] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorGroup] [77DD6BF0] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorOwner] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!InitializeSecurityDescriptor] [7C838974] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!GetTokenInformation] [7C80CCA8] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenProcessToken] [7C838D50] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenThreadToken] [7C80B4CF] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetServiceStatus] [7C809A51] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegisterServiceCtrlHandlerW] [7C809AE4] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegCloseKey] [7C8127A7] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegOpenKeyExW] [7C809915] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!StartServiceCtrlDispatcherW] [7C812E76] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!WideCharToMultiByte] [7C80DDF5] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrlenW] [7C801E16] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalFree] [7C9109ED] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcess] [7C809BC5] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThread] [7C809740] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [7C80B6A1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [7C80B9D1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LCMapStringW] [7C809E01] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!FreeLibrary] [7C812F1D] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcpyW] [7C8111DA] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExpandEnvironmentStringsW] [7C802520] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpiW] [7C810637] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExitProcess] [7C80A03B] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCommandLineW] [7C8307ED] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InitializeCriticalSection] [7C80E93F] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcessHeap] [7C802442] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetErrorMode] [7C809B47] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetUnhandledExceptionFilter] [7C80EA1B] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!RegisterWaitForSingleObject] [7C80A9CC] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InterlockedCompareExchange] [7C810111] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [7C80BE01] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!QueryPerformanceCounter] [7C80BDB6] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetTickCount] [7C834CA9] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThreadId] [7C80978E] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcessId] [7C809EF1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetSystemTimeAsFileTime] [7C9010ED] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!TerminateProcess] [7C901005] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!UnhandledExceptionFilter] [7C80A017] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalAlloc] [7C80929C] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpW] [7C910331] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!DelayLoadFailureHook] [7C810D87] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtQuerySecurityObject] [7C80A0D4] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlFreeHeap] [7C809A09] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtOpenKey] [7C809BF8] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscat] [7C835D32] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscpy] [7C830CB4] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlAllocateHeap] [7C812A09] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCompareUnicodeString] [7C80A996] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitUnicodeString] [7C80BAA1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitializeSid] [7C80BA64] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlLengthRequiredSid] [7C8097A2] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthoritySid] [7C812BB6] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtClose] [7C81CA62] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthorityCountSid] [7C9105D4] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetDaclSecurityDescriptor] [7C9179FD] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlQueryInformationAcl] [7C91043D] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetAce] [7C809728] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlImageNtHeader] [7C80992F] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcslen] [7C82F6E0] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlUnhandledExceptionFilter] [7C80EDD7] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCopySid] [7C834E19] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIfEx] [7C8137D9] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtWaitServerListen] [7C809766] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtSetServerStackSize] [7C810F32] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIf] [7C812ADE] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerListen] [7C80A7D4] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUseProtseqEpW] [7C812F39] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerRegisterIf] [7C910340] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!I_RpcMapWin32Status] [7C80ADA0] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtStopServerListening] [7C801D77] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] [77DD6A78] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorDacl] [77DD6FC8] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetEntriesInAclW] [77DDD7CC] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorGroup] [77DD6BF0] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorOwner] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!InitializeSecurityDescriptor] [7C838974] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!GetTokenInformation] [7C80CCA8] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenProcessToken] [7C838D50] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenThreadToken] [7C80B4CF] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetServiceStatus] [7C809A51] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegisterServiceCtrlHandlerW] [7C809AE4] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegCloseKey] [7C8127A7] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegOpenKeyExW] [7C809915] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!StartServiceCtrlDispatcherW] [7C812E76] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!WideCharToMultiByte] [7C80DDF5] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrlenW] [7C801E16] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalFree] [7C9109ED] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcess] [7C809BC5] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThread] [7C809740] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [7C80B6A1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [7C80B9D1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LCMapStringW] [7C809E01] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!FreeLibrary] [7C812F1D] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcpyW] [7C8111DA] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExpandEnvironmentStringsW] [7C802520] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpiW] [7C810637] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExitProcess] [7C80A03B] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCommandLineW] [7C8307ED] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InitializeCriticalSection] [7C80E93F] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcessHeap] [7C802442] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetErrorMode] [7C809B47] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetUnhandledExceptionFilter] [7C80EA1B] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!RegisterWaitForSingleObject] [7C80A9CC] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InterlockedCompareExchange] [7C810111] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [7C80BE01] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!QueryPerformanceCounter] [7C80BDB6] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetTickCount] [7C834CA9] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThreadId] [7C80978E] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcessId] [7C809EF1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetSystemTimeAsFileTime] [7C9010ED] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!TerminateProcess] [7C901005] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!UnhandledExceptionFilter] [7C80A017] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalAlloc] [7C80929C] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpW] [7C801A24] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!DelayLoadFailureHook] [7C910331] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtQuerySecurityObject] [7C814AF2] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlFreeHeap] [7C80A0D4] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtOpenKey] [7C809A09] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscat] [7C809BF8] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscpy] [7C835D32] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlAllocateHeap] [7C830CB4] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCompareUnicodeString] [7C812A09] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitUnicodeString] [7C80A996] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitializeSid] [7C80BAA1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlLengthRequiredSid] [7C80BA64] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthoritySid] [7C8097A2] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtClose] [7C812BB6] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthorityCountSid] [7C81CA62] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetDaclSecurityDescriptor] [7C9105D4] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlQueryInformationAcl] [7C9179FD] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetAce] [7C91043D] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlImageNtHeader] [7C809728] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcslen] [7C80992F] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlUnhandledExceptionFilter] [7C82F6E0] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [n

Profil

Gaius Poslao: 29 Jan 2009 12:40 Idi na vrh
offline Gaius Građanin Pridružio: 28 Jan 2009 Poruke: 76	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! GMER 1.0.14.14536 - gmer.net Rootkit scan 2009-01-29 12:20:02 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.14 ---- INT 0x62 ? 86FD8BF8 INT 0x63 ? 86C51F00 INT 0x63 ? 86C51F00 INT 0x73 ? 86C51F00 INT 0x82 ? 86FD8BF8 INT 0xA4 ? 86C51F00 INT 0xB4 ? 86C51F00 Code 86C8F0E8 ZwEnumerateKey Code 86C8B308 ZwFlushInstructionCache Code AF231323 pIofCallDriver ---- Kernel code sections - GMER 1.0.14 ---- PAGE ntoskrnl.exe!ZwEnumerateKey 8056EF68 5 Bytes JMP 86C8F0EC PAGE ntoskrnl.exe!ZwFlushInstructionCache 80577A7A 5 Bytes JMP 86C8B30C ? sprl.sys The system cannot find the file specified. ! ? C:\WINDOWS\system32\drivers\ati0rwxx.sys Access is denied. ! .text USBPORT.SYS!DllUnload B74B480C 5 Bytes JMP 86C514E0 .text Beep.SYS BAE79300 67 Bytes [ 71, B1, 16, 98, 3A, 3F, 80, ... ] .text Beep.SYS BAE79344 61 Bytes [ 6A, 7C, 8D, B1, 17, 9A, 42, ... ] .text Beep.SYS BAE79382 99 Bytes [ 26, FE, 9A, 6D, CC, 2E, 07, ... ] .text Beep.SYS BAE793E6 206 Bytes [ D1, 2A, 6F, 88, 02, 86, 30, ... ] .text Beep.SYS BAE794B5 124 Bytes [ AF, 75, 30, DB, 68, B1, 13, ... ] ---- User code sections - GMER 1.0.14 ---- .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetConnectA 771C30C3 5 Bytes JMP 007C000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!HttpOpenRequestA 771C36AD 5 Bytes JMP 0087000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetCloseHandle 771C4D6C 5 Bytes JMP 007E000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!HttpSendRequestA 771C6249 5 Bytes JMP 0085000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetReadFile 771C80F4 5 Bytes JMP 0080000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetConnectW 771CEE00 5 Bytes JMP 007D000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!HttpOpenRequestW 771CF4C6 5 Bytes JMP 0088000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetQueryDataAvailable 771D8A0F 5 Bytes JMP 007F000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetSetStatusCallback 771D907C 5 Bytes JMP 0083000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetReadFileExW 771F7439 5 Bytes JMP 0082000D .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetReadFileExA 771F8140 5 Bytes JMP 0081000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!InternetSetStatusCallbackW 771F8C93 5 Bytes JMP 0084000A .text C:\Program Files\Internet Explorer\iexplore.exe[1056] WININET.dll!HttpSendRequestW 77211CEC 5 Bytes JMP 0086000A ? C:\Documents and Settings\Nikola\Application Data\svchost.exe[1896] image checksum mismatch; number of sections mismatch; time/date stamp mismatch; unknown module: WSOCK32.dllunknown module: VERSION.dllunknown module: WINMM.dllunknown module: COMCTL32.dllunknown module: MPR.dllunknown module: comdlg32.dllunknown module: OLEAUT32.dll ? C:\WINDOWS\System32\svchost.exe[2296] image checksum mismatch; number of sections mismatch; time/date stamp mismatch; unknown module: DNSAPI.dllunknown module: gdiplus.dll ? C:\WINDOWS\System32\svchost.exe[2304] image checksum mismatch; number of sections mismatch; time/date stamp mismatch; unknown module: gdiplus.dllunknown module: OLEAUT32.dll ? C:\WINDOWS\System32\svchost.exe[2328] image checksum mismatch; number of sections mismatch; time/date stamp mismatch; unknown module: gdiplus.dllunknown module: OLEAUT32.dll ? C:\WINDOWS\System32\svchost.exe[2336] image checksum mismatch; number of sections mismatch; time/date stamp mismatch; ? C:\WINDOWS\system32\svchost.exe[2564] image checksum mismatch; number of sections mismatch; time/date stamp mismatch; ? C:\WINDOWS\system32\svchost.exe[2748] image checksum mismatch; time/date stamp mismatch; unknown module: msvcrt.dllunknown module: gdiplus.dllunknown module: OLEAUT32.dll .text C:\WINDOWS\system32\taskmgr.exe[3712] USER32.dll!MessageBoxW 77D960F2 3 Bytes [ 31, C0, C3 ] ---- Kernel IAT/EAT - GMER 1.0.14 ---- IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 86FDB2D8 IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F75AB6D0] sprl.sys IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F75AF708] sprl.sys IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7586046] sprl.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F7586142] sprl.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F75860C4] sprl.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F75867CE] sprl.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F75866A4] sprl.sys IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 86C515E0 IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F7591D7A] sprl.sys IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!MmLockPagableDataSection] 82AF0B23 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!KeCancelTimer] 4849C7B4 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!MmUnlockPagableImageSection] 5A123A89 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!IoStartNextPacket] 4CDA4CB2 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!KeSetTimer] 0D67CB7F IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!_allmul] 23F4F980 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!IoStartPacket] D8776385 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!KeInitializeEvent] 15D6099E IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!KeInitializeTimer] 0F1C2C1B IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!KeInitializeDpc] 132B4C8C IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!IoCreateDevice] 7FB932C1 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!RtlInitUnicodeString] A2DA05CA IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!IoAcquireCancelSpinLock] 1F96C8F7 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!KeRemoveDeviceQueue] 6551CCD8 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!KeRemoveEntryDeviceQueue] 5700E43D IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!IoReleaseCancelSpinLock] 3AA46D36 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!IoDeleteDevice] 0F3E7E13 IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!IofCompleteRequest] 15DAC664 IAT \SystemRoot\System32\Drivers\Beep.SYS[HAL.dll!ExReleaseFastMutex] 045C2B51 IAT \SystemRoot\System32\Drivers\Beep.SYS[HAL.dll!KfRaiseIrql] 86B3209A IAT \SystemRoot\System32\Drivers\Beep.SYS[HAL.dll!KfLowerIrql] DB278F07 IAT \SystemRoot\System32\Drivers\Beep.SYS[HAL.dll!HalMakeBeep] 65C5EB28 IAT \SystemRoot\System32\Drivers\Beep.SYS[HAL.dll!ExAcquireFastMutex] AB66BBCD ---- User IAT/EAT - GMER 1.0.14 ---- IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] [77DD6BF0] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorDacl] [77DD7883] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetEntriesInAclW] [77DD761B] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorGroup] [77DDEBE7] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorOwner] [77DFC534] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!InitializeSecurityDescriptor] [77DFD11B] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!GetTokenInformation] [77DD7753] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenProcessToken] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenThreadToken] [76F36C5B] C:\WINDOWS\System32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetServiceStatus] [76F35002] C:\WINDOWS\System32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegisterServiceCtrlHandlerW] [76F25B4D] C:\WINDOWS\System32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegCloseKey] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegOpenKeyExW] [77F2BFB3] C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!StartServiceCtrlDispatcherW] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!WideCharToMultiByte] [7C80A9CC] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrlenW] [7C80176B] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalFree] [7C814EEA] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcess] [7C8218D2] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThread] [7C810B8E] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [7C810D87] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [7C802367] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LCMapStringW] [7C830921] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!FreeLibrary] [7C809A72] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcpyW] [7C864140] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExpandEnvironmentStringsW] [7C910331] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpiW] [7C835027] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExitProcess] [7C812F1D] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCommandLineW] [7C8111DA] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InitializeCriticalSection] [7C80B905] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcessHeap] [7C80945C] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetErrorMode] [7C81CA62] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetUnhandledExceptionFilter] [7C80C058] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!RegisterWaitForSingleObject] [7C802442] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InterlockedCompareExchange] [7C81CA8B] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [7C82FB40] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!QueryPerformanceCounter] [7C809728] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetTickCount] [7C809B47] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThreadId] [7C810637] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcessId] [7C80E93F] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetSystemTimeAsFileTime] [7C80EA1B] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!TerminateProcess] [7C830CB4] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!UnhandledExceptionFilter] [7C809A09] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalAlloc] [7C809E01] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpW] [7C80BAA1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!DelayLoadFailureHook] [7C80929C] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtQuerySecurityObject] [7C9105D4] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlFreeHeap] [7C9179FD] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtOpenKey] [7C91043D] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscat] [7C809E79] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscpy] [7C802520] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlAllocateHeap] [7C8024A7] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCompareUnicodeString] [7C810B1C] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitUnicodeString] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitializeSid] [7CA40EB0] C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlLengthRequiredSid] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthoritySid] [77F6818C] C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtClose] [77F8C41E] C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthorityCountSid] [77F72240] C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetDaclSecurityDescriptor] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlQueryInformationAcl] [77D5ED74] C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetAce] [77D486C7] C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlImageNtHeader] [77D4A8AD] C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcslen] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlUnhandledExceptionFilter] [771C6249] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCopySid] [771C30C3] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIfEx] [771C780A] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtWaitServerListen] [771C4D6C] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtSetServerStackSize] [771C36AD] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIf] [771C80F4] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerListen] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUseProtseqEpW] [71AB428A] C:\WINDOWS\System32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerRegisterIf] [71AB615A] C:\WINDOWS\System32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!I_RpcMapWin32Status] [71AB3B91] C:\WINDOWS\System32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2296] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtStopServerListening] [71AB9639] C:\WINDOWS\System32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] [77DD6A78] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorDacl] [77DD6FC8] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetEntriesInAclW] [77DDD7CC] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorGroup] [77DD6BF0] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorOwner] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!InitializeSecurityDescriptor] [7C838974] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!GetTokenInformation] [7C80CCA8] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenProcessToken] [7C838D50] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenThreadToken] [7C80B4CF] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetServiceStatus] [7C809A51] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegisterServiceCtrlHandlerW] [7C809AE4] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegCloseKey] [7C8127A7] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegOpenKeyExW] [7C809915] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!StartServiceCtrlDispatcherW] [7C812E76] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!WideCharToMultiByte] [7C80DDF5] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrlenW] [7C801E16] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalFree] [7C9109ED] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcess] [7C809BC5] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThread] [7C809740] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [7C80B6A1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [7C80B9D1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LCMapStringW] [7C809E01] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!FreeLibrary] [7C812F1D] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcpyW] [7C8111DA] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExpandEnvironmentStringsW] [7C802520] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpiW] [7C810637] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExitProcess] [7C80A03B] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCommandLineW] [7C8307ED] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InitializeCriticalSection] [7C80E93F] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcessHeap] [7C802442] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetErrorMode] [7C809B47] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetUnhandledExceptionFilter] [7C80EA1B] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!RegisterWaitForSingleObject] [7C80A9CC] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InterlockedCompareExchange] [7C810111] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [7C80BE01] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!QueryPerformanceCounter] [7C80BDB6] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetTickCount] [7C834CA9] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThreadId] [7C80978E] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcessId] [7C809EF1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetSystemTimeAsFileTime] [7C9010ED] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!TerminateProcess] [7C901005] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!UnhandledExceptionFilter] [7C80A017] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalAlloc] [7C80929C] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpW] [7C910331] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!DelayLoadFailureHook] [7C810D87] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtQuerySecurityObject] [7C80A0D4] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlFreeHeap] [7C809A09] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtOpenKey] [7C809BF8] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscat] [7C835D32] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscpy] [7C830CB4] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlAllocateHeap] [7C812A09] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCompareUnicodeString] [7C80A996] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitUnicodeString] [7C80BAA1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitializeSid] [7C80BA64] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlLengthRequiredSid] [7C8097A2] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthoritySid] [7C812BB6] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtClose] [7C81CA62] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthorityCountSid] [7C9105D4] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetDaclSecurityDescriptor] [7C9179FD] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlQueryInformationAcl] [7C91043D] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetAce] [7C809728] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlImageNtHeader] [7C80992F] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcslen] [7C82F6E0] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlUnhandledExceptionFilter] [7C80EDD7] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCopySid] [7C834E19] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIfEx] [7C8137D9] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtWaitServerListen] [7C809766] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtSetServerStackSize] [7C810F32] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIf] [7C812ADE] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerListen] [7C80A7D4] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUseProtseqEpW] [7C812F39] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerRegisterIf] [7C910340] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!I_RpcMapWin32Status] [7C80ADA0] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2304] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtStopServerListening] [7C801D77] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] [77DD6A78] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorDacl] [77DD6FC8] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetEntriesInAclW] [77DDD7CC] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorGroup] [77DD6BF0] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorOwner] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!InitializeSecurityDescriptor] [7C838974] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!GetTokenInformation] [7C80CCA8] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenProcessToken] [7C838D50] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenThreadToken] [7C80B4CF] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetServiceStatus] [7C809A51] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegisterServiceCtrlHandlerW] [7C809AE4] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegCloseKey] [7C8127A7] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegOpenKeyExW] [7C809915] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!StartServiceCtrlDispatcherW] [7C812E76] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!WideCharToMultiByte] [7C80DDF5] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrlenW] [7C801E16] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalFree] [7C9109ED] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcess] [7C809BC5] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThread] [7C809740] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [7C80B6A1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [7C80B9D1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LCMapStringW] [7C809E01] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!FreeLibrary] [7C812F1D] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcpyW] [7C8111DA] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExpandEnvironmentStringsW] [7C802520] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpiW] [7C810637] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExitProcess] [7C80A03B] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCommandLineW] [7C8307ED] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InitializeCriticalSection] [7C80E93F] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcessHeap] [7C802442] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetErrorMode] [7C809B47] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetUnhandledExceptionFilter] [7C80EA1B] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!RegisterWaitForSingleObject] [7C80A9CC] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InterlockedCompareExchange] [7C810111] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [7C80BE01] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!QueryPerformanceCounter] [7C80BDB6] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetTickCount] [7C834CA9] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThreadId] [7C80978E] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcessId] [7C809EF1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetSystemTimeAsFileTime] [7C9010ED] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!TerminateProcess] [7C901005] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!UnhandledExceptionFilter] [7C80A017] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalAlloc] [7C80929C] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpW] [7C801A24] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!DelayLoadFailureHook] [7C910331] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtQuerySecurityObject] [7C814AF2] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlFreeHeap] [7C80A0D4] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtOpenKey] [7C809A09] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscat] [7C809BF8] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscpy] [7C835D32] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlAllocateHeap] [7C830CB4] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCompareUnicodeString] [7C812A09] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitUnicodeString] [7C80A996] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitializeSid] [7C80BAA1] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlLengthRequiredSid] [7C80BA64] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthoritySid] [7C8097A2] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtClose] [7C812BB6] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthorityCountSid] [7C81CA62] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetDaclSecurityDescriptor] [7C9105D4] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlQueryInformationAcl] [7C9179FD] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetAce] [7C91043D] C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlImageNtHeader] [7C809728] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcslen] [7C80992F] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlUnhandledExceptionFilter] [7C82F6E0] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2328] @ C:\WINDOWS\System32\svchost.exe [n

Profil

Gaius Poslao: 29 Jan 2009 12:42 Idi na vrh
offline Gaius Građanin Pridružio: 28 Jan 2009 Poruke: 76	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! GMER 1.0.14.14536 - gmer.net Autostart scan 2009-01-29 12:27:16 Windows 5.1.2600 Service Pack 2 HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe, HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ >>> AtiExtEvent@DLLName = Ati2evxx.dll crypt@DLLName = crypts.dll hfitnt@DLLName = hfitnt.dll HKLM\SYSTEM\CurrentControlSet\Services\ >>> aawservice@ = "C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe" aswUpdSv@ = "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" Ati HotKey Poller@ = %SystemRoot%\system32\Ati2evxx.exe ATI Smart@ = C:\WINDOWS\system32\ati2sgag.exe avast! Antivirus@ = "C:\Program Files\Alwil Software\Avast4\ashServ.exe" Bonjour Service@ = "C:\Program Files\Bonjour\mDNSResponder.exe" icf@ = C:\WINDOWS\system32\svchost.exe:ext.exe KMWDSERVICE@ = C:\Program Files\Mouse Driver\KMWDSrv.exe StarWindService@ = C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe Usb Service 2.0@ = "C:\WINDOWS\usbservice.exe" vmwareservice@ = "C:\WINDOWS\system\VMwareService.exe" HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>> @AGRSMMSGAGRSMMSG.exe = AGRSMMSG.exe @OrderReminderC:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe = C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe @SunJavaUpdateSched"C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" = "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" @PCSuiteTrayApplicationC:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup /file not found/ = C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup /file not found/ @StartCCCC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe = C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe @BluetoothAuthenticationAgentrundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent = rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent @KMCONFIGC:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe /file not found/ = C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe /file not found/ @NeroFilterCheckC:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe = C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe @ATIPTAC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe @TkBellExe"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot @C-Media MixerMixer.exe /startup = Mixer.exe /startup @avast!C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe @QuickTime Task"C:\Program Files\QuickTime\qttask.exe" -atboottime = "C:\Program Files\QuickTime\qttask.exe" -atboottime @Microsoft USB Windows2 Driverusbautotuner.exe = usbautotuner.exe @Windows USB Automatic Servicewinusbservice.exe = winusbservice.exe @svchostBoot"C:\Documents and Settings\Nikola\Application Data\svchost.exe" = "C:\Documents and Settings\Nikola\Application Data\svchost.exe" @lrijh8s73jhbfgfdC:\DOCUME~1\Nikola\LOCALS~1\Temp\winlognn.exe = C:\DOCUME~1\Nikola\LOCALS~1\Temp\winlognn.exe @rs32netC:\WINDOWS\System32\rs32net.exe = C:\WINDOWS\System32\rs32net.exe @svchost32C:\WINDOWS\scvhost32.exe = C:\WINDOWS\scvhost32.exe HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>> @PcSyncC:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog /file not found/ = C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog /file not found/ @MsnMsgr"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background @DAEMON Tools Pro Agent"C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" = "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" @cogad"C:\Documents and Settings\Nikola\Application Data\cogad\cogad.exe" 61A847B5BBF72813329D31466188719AB689201522886B092CBD44BD8689220221DD3257 = "C:\Documents and Settings\Nikola\Application Data\cogad\cogad.exe" 61A847B5BBF72813329D31466188719AB689201522886B092CBD44BD8689220221DD3257 @lrijh8s73jhbfgfdC:\DOCUME~1\Nikola\LOCALS~1\Temp\winlognn.exe = C:\DOCUME~1\Nikola\LOCALS~1\Temp\winlognn.exe @rs32netC:\WINDOWS\System32\rs32net.exe = C:\WINDOWS\System32\rs32net.exe @MS AntiSpyware 2009"C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\msas2009.exe" /autorun = "C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\msas2009.exe" /autorun HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad@WPDShServiceObj = C:\WINDOWS\system32\WPDShServiceObj.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler@{D5BF4552-94F1-42BD-F434-3604812C807D} = C:\WINDOWS\system32\gsdrgfdrrgnd.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>> @{42071714-76d4-11d1-8b24-00a0c9068ff3} /Display Panning CPL Extension/deskpan.dll /file not found/ = deskpan.dll /file not found/ @{596AB062-B4D2-4215-9F74-E9109B0A8153} /Previous Versions Property Page/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll @{9DB7A13C-F208-4981-8353-73CC61AE2783} /Previous Versions/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll @{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /Autoplay for SlideShow/(null) = @{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /Extensions Manager Folder/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll @{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} /TuneUp Shredder Shell Extension/C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll = C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll @{44440D00-FF19-4AFC-B765-9A0970567D97} /TuneUp Theme Extension/%SystemRoot%\system32\uxtuneup.dll = %SystemRoot%\system32\uxtuneup.dll @{B327765E-D724-4347-8B16-78AE18552FC3} /NeroDigitalIconHandler/C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll = C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll @{7F1CF152-04F8-453A-B34C-E609530A9DC8} /NeroDigitalPropSheetHandler/C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll = C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll @{e82a2d71-5b2f-43a0-97b8-81be15854de8} /ShellLink for Application References/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll @{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /Shell Icon Handler for Application References/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll @{B41DB860-8EE4-11D2-9906-E49FADC173CA} /WinRAR shell extension/C:\Program Files\WinRAR\rarext.dll = C:\Program Files\WinRAR\rarext.dll @{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /Web Folders/C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL @{00020D75-0000-0000-C000-000000000046} /Microsoft Office Outlook Desktop Icon Handler/C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL @{0006F045-0000-0000-C000-000000000046} /Microsoft Office Outlook Custom Icon Handler/C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL @{42042206-2D85-11D3-8CFF-005004838597} /Microsoft Office HTML Icon Handler/C:\Program Files\Microsoft Office\OFFICE11\msohev.dll = C:\Program Files\Microsoft Office\OFFICE11\msohev.dll @{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} /PhoneBrowser/C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll = C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll @{35786D3C-B075-49b9-88DD-029876E11C01} /Portable Devices/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll @{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /Portable Devices Menu/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll @{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} /Shell Extensions for RealOne Player/C:\Program Files\Real\RealPlayer\rpshell.dll = C:\Program Files\Real\RealPlayer\rpshell.dll @{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} /Messenger Sharing Folders/C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll = C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll @{52B87208-9CCF-42C9-B88E-069281105805} /Trojan Remover Shell Extension/(null) = @{32020A01-506E-484D-A2A8-BE3CF17601C3} /AlcoholShellEx/C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll = C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll @{472083B0-C522-11CF-8763-00608CC02F24} /avast/C:\Program Files\Alwil Software\Avast4\ashShell.dll = C:\Program Files\Alwil Software\Avast4\ashShell.dll @{AD392E40-428C-459F-961E-9B147782D099} /UltraISO/C:\Program Files\UltraISO\isoshell.dll = C:\Program Files\UltraISO\isoshell.dll HKLM\Software\Classes\\shellex\ContextMenuHandlers\ >>> avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Program Files\Alwil Software\Avast4\ashShell.dll DaemonShellExtImage@{40966797-8FFE-46C8-9EF8-7003F33CCF0F} = C:\Program Files\DAEMON Tools Pro\imgshl32.dll MagicISO@{DB85C504-C730-49DD-BEC1-7B39C6103B7A} = C:\Program Files\MagicISO\misosh.dll TuneUp Shredder Shell Extension@{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} = C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll HKLM\Software\Classes\*\shellex\ContextMenuHandlers@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>> MagicISO@{DB85C504-C730-49DD-BEC1-7B39C6103B7A} = C:\Program Files\MagicISO\misosh.dll TuneUp Shredder Shell Extension@{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} = C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll UltraISO@{AD392E40-428C-459F-961E-9B147782D099} = C:\Program Files\UltraISO\isoshell.dll WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>> avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Program Files\Alwil Software\Avast4\ashShell.dll MagicISO@{DB85C504-C730-49DD-BEC1-7B39C6103B7A} = C:\Program Files\MagicISO\misosh.dll UltraISO@{AD392E40-428C-459F-961E-9B147782D099} = C:\Program Files\UltraISO\isoshell.dll WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects@{d5bf4552-94f1-42bd-f434-3604812c807d} = C:\WINDOWS\system32\gsdrgfdrrgnd.dll HKLM\Software\Microsoft\Internet Explorer\Main >>> @Default_Page_URLhttp://go.microsoft.com/fwlink/?LinkId=69157 = go.microsoft.com/fwlink/?LinkId=69157 @Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home @Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm HKCU\Software\Microsoft\Internet Explorer\Main >>> @Start Pagehttp://www.daemon-search.com/star = daemon-search.com/star @Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL HKLM\Software\Classes\PROTOCOLS\Handler\ >>> dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll its@CLSID = C:\WINDOWS\system32\itss.dll livecall@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll ms-its@CLSID = C:\WINDOWS\system32\itss.dll msnim@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL mso-offdap@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL mso-offdap11@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL skype4com@CLSID = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL tv@CLSID = C:\WINDOWS\system32\msvidctl.dll wia@CLSID = C:\WINDOWS\system32\wiascr.dll HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ >>> 000000000004@LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005@LibraryPath = %SystemRoot%\system32\wshbth.dll ---- EOF - GMER 1.0.14 ----

Profil

helen1 Poslao: 29 Jan 2009 12:55 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Prikaci mi te logove uz poruku.

Profil

Gaius Poslao: 29 Jan 2009 13:27 Idi na vrh
offline Gaius Građanin Pridružio: 28 Jan 2009 Poruke: 76	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Evo : mycity.rs/must-login.png Dopuna: 29 Jan 2009 13:27 i ovo: mycity.rs/must-login.png

Profil

helen1 Poslao: 29 Jan 2009 20:27 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Iskljuci Avast. Postavi mi novi ComboFix log.

Profil

Gaius Poslao: 30 Jan 2009 11:03 Idi na vrh
offline Gaius Građanin Pridružio: 28 Jan 2009 Poruke: 76	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Reinstaliracu Windows, nema drugog resenja, koci suvise da bih skenirao sa bilo cime.

Profil

helen1 Poslao: 30 Jan 2009 14:21 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Gaius ::Reinstaliracu Windows, nema drugog resenja, koci suvise da bih skenirao sa bilo cime. OK. Jbg, bas si se uvalio.

Profil

Gaius Poslao: 31 Jan 2009 14:47 Idi na vrh
offline Gaius Građanin Pridružio: 28 Jan 2009 Poruke: 76	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sistem je odradjen. A sada moze preporuka sta koristiti od zastite, provjereno dobro, koji av, anti spyware, malware, sta ja znam... Dopuna: 31 Jan 2009 14:47 Evo problemi i dalje nastavljeni. Instalirao sam Zone Alarm i on konstantno blokira upad sa odredjenje ip adrese i blokira masu programa da se konektuju na net. Ne mogu da instaliram Spybot S&D...

Profil

helen1 Poslao: 31 Jan 2009 15:02 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! I treba da blokira upade, to je normalno. Za to mozes da mu stikliras da te vise ne obavestava. A, za to blokiranje mase programa, kada te pita za neki program, ti mu kazi allow.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Veliki problem, pomoc !

Ko je trenutno na forumu

Ukupno su 851 korisnika na forumu :: 31 registrovanih, 5 sakrivenih i 815 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: aleksmajstor, babaroga, bokisha253, Denaya, DonRumataEstorski, HogarStrashni, HrcAk47, JOntra, jukeboxer, kolle.the.kid, krkalon, Kubovac, kuntalo, kybonacci, mean_machine, Mercury, Nemanja.M, nenad81, novator, Parker, pein, procesor, raketaš, RILE-NS, Skywhaler, Stanlio, tubular, Vlada1389, vladaa012, voja64, zicko.spacek

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by